Pierluigi Paganini December 03, 2014
Security expert Billy Rios created WhiteScope, the database of whitelisted ICS and SCADA files

Security researcher Billy Rios has created WhiteScope, a database containing hundreds of thousands of “known-good” files of SCADA and ICS software. The cyber security expert Billy Rios has created WhiteScope, a database containing hundreds of thousands of “known-good” files from makers of SCADA and ICS software with the intent to support users to identify legitimate ICS/SCADA files. “WhiteScope has over […]

Pierluigi Paganini November 08, 2014
Russian hackers infiltrated many US critical infrastructure

The Department of Homeland Security (DHS) revealed that Russian hackers have infiltrated several critical infrastructure in the United States. Government officials reported to the ABC News agency that hackers have compromised computing systems in many nation’s critical infrastructure. The attackers have infected the software that runs in the critical infrastructure with a malware, the circumstance creates a […]

Pierluigi Paganini October 19, 2014
Flaws in DTM components are threatening security of critical Industrial Control Systems

Researchers at the last Black Hat Europe have presented the results of their research on DTM/FDT components, demonstrating the presence of serious flaws. The researchers Alexander Bolshev and Gleb Cherbov at Digital Security, have discovered several serious vulnerabilities in industrial components designed to implement the management interface industrial control systems (ICS). The experts have analyzed the implementation of Field Device Tool / […]

Pierluigi Paganini June 10, 2014
ICS-CERT warns of possible hack of road signs controlled by Daktronics Vanguard software

ICS-CERT issued an alert for the presence of a hardcoded password flaw in Daktronics Vanguard highway dynamic message sign (DMS) configuration software. Security experts have discovered a new flaw in Daktronics’ Vanguard software which could be remotely exploited by hackers to hack electronic road signs. A week ago, it was reported that Daktronics’ Vanguard dynamic highway message sign (DMS) configuration […]

Pierluigi Paganini February 11, 2014
The Mask – the most sophisticated APT operation seen to date

Speaking at Kaspersky Lab’s Industry Analyst Summit,Costin Raiu revealed details on The Mask campaign, the most sophisticated operation they’ve seen to date. The Kaspersky team recently announced to have detected a new significant APT campaign dubbed The Mask or “Careto” (Spanish for “Ugly Face” or “Mask”), a group of high-level state-sponsored hackers have been targeting government agencies, […]

Pierluigi Paganini February 09, 2014
Cost of conducting APT campaigns is dramatically dropping

Speaking at Kaspersky Lab’s Industry Analyst Summit Costin Raiu, revealed that the cost for APT campaign is dramatically dropping. The cost of developing advanced malware has fallen dramatically malicious code like Stuxnet and Flame are today economically more affordable. It has been estimated that the expense for the development of a cyber weapon like Stuxnet,or for a […]

Pierluigi Paganini January 16, 2014
An increasing number of targeted attacks against the energy sector

Symantec published in the report titled “Targeted Attacks Against the Energy Sector” to describe the security landscape for companies of the sector. Companies and industries belonging in the energy sector are waiting most targeted sectors on a global scale, Symantec has issued a very interesting report titled “Targeted Attacks Against the Energy Sector” that provide […]

Pierluigi Paganini January 15, 2014
Kaspersky discovered Icefog Hit US energy companies with Java Backdoor

Kaspersky experts discovered a java version of icefog espionage campaign that targeted at least 3 us oil, gas companies spreading a backdoor dubbed Javafog. Kaspersky Lab in September 2013 announced to have discovered Icefog team, an emerging group of cyber-mercenaries available for hire to conduct surgical hit and run operations against strategic targets.  The cyber […]